CRYPTO_secure_malloc_init() fails without error message

Dr Paul Dale paul.dale at oracle.com
Fri Feb 21 12:51:51 UTC 2020


> CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, OPENSSL_MIN_HEAP_SIZE);

I’d strongly suggest not passing the same value in the second position.  This parameter sets the minimum block size that can be allocated in the secure heap.  The init call returns an error in this situation.  Do this instead: CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, 16);



Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




> On 21 Feb 2020, at 8:33 pm, Clay Shields <clay at cs.georgetown.edu> wrote:
> 
> Unfortunately that didn’t seem to be it. Updating my code to verify that I am root and running it:
> 
> Output:
> 
> The effective user id is  0
> The real user id is  0
> failed to init openssl secure heap the error may be (null)
> 
> Code:
> 
> #include <openssl/crypto.h>
> #include <openssl/conf.h>
> #include <openssl/evp.h>
> #include <openssl/err.h>
> #include <openssl/ssl.h>
> #include <sys/types.h>
> #include <unistd.h>
> #include <stdio.h>
> 
> #define OPENSSL_MIN_HEAP_SIZE 65536
> 
> 
> int main(){
> 
>  SSL_load_error_strings();
>  SSL_library_init ();
>  OpenSSL_add_all_algorithms ();
> 
>  uid_t uid, euid;
>  uid = getuid();
>  euid = geteuid();
>  printf("The effective user id is  %d\n", (int) geteuid());
>  printf("The real user id is  %d\n", (int) getuid());
> 
>  // Initialize the OPENSSL secure heap space for key storage
>  int ret = CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, OPENSSL_MIN_HEAP_SIZE);
> 
>  if (ret == 0){
>    printf("failed to init openssl secure heap the error may be %s\n", ERR_reason_error_string(ERR_get_error()));
>  }
> 
> }
> 
> 
>> On Feb 20, 2020, at 6:31 PM, Salz, Rich <rsalz at akamai.com> wrote:
>> 
>> Are you running as root?  If not, that's likely to be the problem.
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200221/a0af1656/attachment-0001.html>


More information about the openssl-users mailing list